Security Infusion
Simple, effective and affordable software as a service solution for monitoring, auditing and mitigating risk of IT resources.
The business need
Digital transformation is turning IT Operations into the most significant element of daily business activities. Corporate assets are also transforming due to the continuous abstraction and convergence of ICT resources. Cloud and mobility have multiplied operational challenges while creating at the same time new business opportunities.Digital business and its operations generate new, diverse, cyber security challenges in terms of everyday productive engagements but also in terms of compatibility with regulation, compliance and financial governance. As online transactions and data are growing exponentially, cyber threats are the norm, not the extraordinary. IT security is now an integral part of business operations and a critical element of corporate activity.
Features
- Real time monitoring and alerting of hosts, services and security status
- Real time security assessment based on process profiling, network scans and rule-based intrusion detection
- Intelligent operating algorithms powered by machine learning
- Cloud (public-private-hybrid) or edge deployment
- SaaS delivery
- API and PaaS options
The Stack:
Infusion Agents are installed on monitored hosts and collect operational data. The Infusion Manager collects and analyzes data transforming them to exploitable information.The Infusion Manager can also initiate inbound port scanning and vulnerability assessment of monitored infrastructure. The Web User Interface visualizes the information and enables management and mitigation of risk for the monitored infrastructure
Inventory
Port Scanning
Monitoring
Vulnerability Assessment
Analytics
Event Analyzer
Forensic Analysis
Inventory
Port Scanning
Monitoring
Vulnerability Assessment
Analytics
Event Analyzer
Forensic Analysis
Inventory
Inventory of Licensed Nodes
(having the Infusion Agent installed and running).
- Hardware Assets.
- Software Assets.
- Internal Storage.
- Network.
Infusion Inventory sets the base for the proper asset management of the underlying infrastructure.
Port Scanning
Ip-based, agent-independent overview of the LAN’s devices services.
- Inspection of open ports.
- Detection & Assessment the relative operating network services.
Infusion port scanning offers a thorough depiction of the activity inside the local network from an external approach, adding another level of situational awareness.
Monitoring
Agent-based Nodes monitoring.
Hosts (nodes with agents installed) & services running on them.
- Host Status.
- Service Status.
- Alerts (email & Slack).
Infusion Host monitoring provides operational awareness of the basic infrastructure elements and their services along with early warning in case of downtime or other critical status level.
Vulnerability Assessment
Detection of common cybersecurity vulnerabilities.
Agent-based assessment built around specific operational requirements and policies along with publicly known and reported vulnerability issues (i.e. CVE® lists).
- Operating System level vulnerabilities.
- Services Level Vulnerabilities (http, smtp, etc.).
- Report Generation.
Infusion Vulnerability Assessment provides the administrator with essential information on the Nodes (agent hosts) status enabling them to get insight, impact assessment and proposed solutions about soft points in their infrastructure.
Analytics
Nodes profiling and performance management.
- System Profiling.
- Processes analysis.
- Performance Visualization.
Infusion Analytics combines details about the status of the infrastructure with a data fusion overview approach through the Black Hat scoring scale (black hat = hacker) for each node hosting an agent. The lowest the score for a node (host) the better. Details concerning each node’s assets and operation are broken down and visualized accordingly through intuitive UI.
Event Analyzer
Surveillance and data gathering for events on all aspects of systems (hosts) activity including file integrity monitoring, log monitoring, rootcheck, and process monitoring.
- Log analysis.
- File integrity.
- Windows registry monitoring.
- Rootkit detection.
- Support and protection on multiple operating systems.
Infusion event analyzer is built on open components (i.e. OSSEC toolkit) gathering relative operational data and triggers rule based alerts enabling active response where needed.
Forensic Analysis
Real time or historical snapshots of the hosts with detailed analysis on processes and features.
- System Score.
- Status details.
- Handles details.
- Connections details.
- General system info.
Infusion forensic analysis instigates the ability to preserve, identify, recover, analyze and present facts concerning events and their impact in operational capability.
1. Inventory
Inventory of Licensed Nodes
(having the Infusion Agent installed and running).
- Hardware Assets.
- Software Assets.
- Internal Storage.
- Network.
Infusion Inventory sets the base for the proper asset management of the underlying infrastructure.
2. Port Scaning
Ip-based, agent-independent overview of the LAN’s devices services.
- Inspection of open ports.
- Detection & Assessment the relative operating network services.
Infusion port scanning offers a thorough depiction of the activity inside the local network from an external approach, adding another level of situational awareness.
3. Monitoring
Agent-based Nodes monitoring.
Hosts (nodes with agents installed) & services running on them.
- Host Status.
- Service Status.
- Alerts (email & Slack).
Infusion Host monitoring provides operational awareness of the basic infrastructure elements and their services along with early warning in case of downtime or other critical status level.
4. Vulnerabilities assessment
Detection of common cybersecurity vulnerabilities.
Agent-based assessment built around specific operational requirements and policies along with publicly known and reported vulnerability issues (i.e. CVE® lists).
- Operating System level vulnerabilities.
- Services Level Vulnerabilities (http, smtp, etc.).
- Report Generation.
Infusion Vulnerability Assessment provides the administrator with essential information on the Nodes (agent hosts) status enabling them to get insight, impact assessment and proposed solutions about soft points in their infrastructure.
5. Analytics
Nodes profiling and performance management.
- System Profiling.
- Processes analysis.
- Performance Visualization.
Infusion Analytics combines details about the status of the infrastructure with a data fusion overview approach through the Black Hat scoring scale (black hat = hacker) for each node hosting an agent. The lowest the score for a node (host) the better. Details concerning each node’s assets and operation are broken down and visualized accordingly through intuitive UI.
6. Event analyser
Surveillance and data gathering for events on all aspects of systems (hosts) activity including file integrity monitoring, log monitoring, rootcheck, and process monitoring.
- Log analysis.
- File integrity.
- Windows registry monitoring.
- Rootkit detection.
- Support and protection on multiple operating systems.
Infusion event analyzer is built on open components (i.e. OSSEC toolkit) gathering relative operational data and triggers rule based alerts enabling active response where needed.
7. Forensic Analysis
Real time or historical snapshots of the hosts with detailed analysis on processes and features.
- System Score.
- Status details.
- Handles details.
- Connections details.
- General system info.
Infusion forensic analysis instigates the ability to preserve, identify, recover, analyze and present facts concerning events and their impact in operational capability.
Information Technology
for Market Leadership
© 2020 All Rights Reserved.